[permissions] fix workflows + remove shouldBypassPermissionChecks for system objects (#12559)

In this PR 1. fix workflow step creation by adding forgotten `shouldBypassPermissionChecks` in WorkflowVersionStepWorkspaceService 2. clarify the rule for twentyORMGlobalManager: do not add unnecessary `shouldBypassPermissionChecks` for system objects (there are no object-records permission checks on system objects, they are dealt with at resolver level)
2025-06-12 13:56:41 +02:00
parent a614e00308
commit a189f15313
8 changed files with 5 additions and 15 deletions
--- a/packages/twenty-server/src/database/commands/upgrade-version-command/0-54/0-54-clean-not-found-files.command.ts
+++ b/packages/twenty-server/src/database/commands/upgrade-version-command/0-54/0-54-clean-not-found-files.command.ts
@ -188,6 +188,7 @@ export class CleanNotFoundFilesCommand extends ActiveOrSuspendedWorkspacesMigrat
      await this.twentyORMGlobalManager.getRepositoryForWorkspace<PersonWorkspaceEntity>(
        workspaceId,
        'person',
+        { shouldBypassPermissionChecks: true },
      );
    const people = await personRepository.find({
      where: {
--- a/packages/twenty-server/src/database/commands/upgrade-version-command/0-55/0-55-deduplicate-indexed-fields.command.ts
+++ b/packages/twenty-server/src/database/commands/upgrade-version-command/0-55/0-55-deduplicate-indexed-fields.command.ts
@ -73,6 +73,7 @@ export class DeduplicateIndexedFieldsCommand extends ActiveOrSuspendedWorkspaces
      await this.twentyORMGlobalManager.getRepositoryForWorkspace(
        workspaceId,
        'company',
+        { shouldBypassPermissionChecks: true },
      );

    const duplicates = await companyRepository
@ -121,6 +122,7 @@ export class DeduplicateIndexedFieldsCommand extends ActiveOrSuspendedWorkspaces
      await this.twentyORMGlobalManager.getRepositoryForWorkspace(
        workspaceId,
        'person',
+        { shouldBypassPermissionChecks: true },
      );

    const duplicates = await personRepository